[ubuntu/impish-proposed] libssh 0.9.5-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Aug 26 16:00:12 UTC 2021
libssh (0.9.5-1ubuntu1) impish; urgency=medium
* SECURITY UPDATE: possible heap-buffer overflow when rekeying
- debian/patches/CVE-2021-3634.patch: create a separate length for
session_id in include/libssh/crypto.h, src/gssapi.c, src/kdf.c,
src/kex.c, src/libcrypto.c, src/messages.c, src/packet.c, src/pki.c,
src/wrapper.c, tests/unittests/torture_session_keys.c.
- CVE-2021-3634
Date: Wed, 18 Aug 2021 11:33:35 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libssh/0.9.5-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Aug 2021 11:33:35 -0400
Source: libssh
Built-For-Profiles: noudeb
Architecture: source
Version: 0.9.5-1ubuntu1
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
libssh (0.9.5-1ubuntu1) impish; urgency=medium
.
* SECURITY UPDATE: possible heap-buffer overflow when rekeying
- debian/patches/CVE-2021-3634.patch: create a separate length for
session_id in include/libssh/crypto.h, src/gssapi.c, src/kdf.c,
src/kex.c, src/libcrypto.c, src/messages.c, src/packet.c, src/pki.c,
src/wrapper.c, tests/unittests/torture_session_keys.c.
- CVE-2021-3634
Checksums-Sha1:
1f7d4a927cec9079b5e1237b4cf38be4c0cdbee4 2792 libssh_0.9.5-1ubuntu1.dsc
78827917248c3bfd408e6b042f7897d85df48755 29032 libssh_0.9.5-1ubuntu1.debian.tar.xz
d12c5949a91e9482486fd43e5a22687dd6b35d73 8459 libssh_0.9.5-1ubuntu1_source.buildinfo
Checksums-Sha256:
96aa148dc6d268d288eb5981ce0c10e485f81cdb85e8369c933eab6f8e3a8f16 2792 libssh_0.9.5-1ubuntu1.dsc
9867569d497ade3dc10f95d70cf6b79da4d1319033d149518e0e9a9f254bd830 29032 libssh_0.9.5-1ubuntu1.debian.tar.xz
8c9d78c5532628a58cf41d919eca5340ebafdd58f050868103863a8e9141433c 8459 libssh_0.9.5-1ubuntu1_source.buildinfo
Files:
bfabf4e50e3586eee4ad933ff6a567eb 2792 libs optional libssh_0.9.5-1ubuntu1.dsc
e6156924c0c007028e4b5b8f53655d91 29032 libs optional libssh_0.9.5-1ubuntu1.debian.tar.xz
4964fce0686dabc1e68e851e2f471771 8459 libs optional libssh_0.9.5-1ubuntu1_source.buildinfo
Original-Maintainer: Laurent Bigonville <bigon at debian.org>
More information about the impish-changes
mailing list